We are implementing a Password Vault. The vault will always have the latest,
correct password.
The Vault product vendor supplies an SDK with which the current password for an
account may be obtained.
We use functional, non-human accounts for the application so I don't need a
PerUser Pool, so I've opted for the SharedPoolDataSource.
My question is, should I simply extend SharedPoolDataSource overriding the two
getConnection methods, make the call the vault SDK with the username and call
super passing the latest password? See below:
public Connection getConnection(String username, String password) throws
SQLException {
String currentPassword = vaultsdk.getCurrentPassword(username);
return super.getConnection(username, currentPassword);
}
I am counting on SharedPoolDataSource honoring the fact that the password for
the user with which the pool was initialized may have changed since the pool
was initialized. Some of our applications remain running for weeks or months
and it is likely that our password change process will change the password
during that time.
So, does this seem like the proper approach?
Also, I am not sure what to do about the no-args getConnection( ) method.
Should I get the username that was used to initialize the pool and get the
latest password? But then what do I do with that password? So any help or
guidance on the no-args method would be appreciated.
Thanks
-Tim
This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law. If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED. Although this transmission and
any attachments are believed to be free of any virus or other
defect that might affect any computer system into which it is
received and opened, it is the responsibility of the recipient to
ensure that it is virus free and no responsibility is accepted by
JPMorgan Chase & Co., its subsidiaries and affiliates, as
applicable, for any loss or damage arising in any way from its use.
If you received this transmission in error, please immediately
contact the sender and destroy the material in its entirety,
whether in electronic or hard copy format. Thank you.
